Reference Guide
Aruba 3000, 6000/M3 Mobility Controller FIPS 140-2 Level 2 Security Policy|25
31 ECDSA Private Key
ECDSA suite B P-256
and P-384 curves
Generated in the
module
Stored in flash
memory encrypted
with KEK. Zeroized by
the CO command
write erase all.
Used by TLS and
EAP-TLS/PEAP
protocols during the
handshake.
32 ECDSA Public Key
ECDSA suite B P-256
and P-384 curves
Generated in the
module
Stored in flash
memory encrypted
with KEK. Zeroized by
the CO command
write erase all.
Used by TLS and
EAP-TLS/PEAP
protocols during the
handshake.
33
802.11i Pre-Shared
Key (PSK)
8-63 character 802.11i
pre-shared secret for
use in 802.11i (SP 800‐
108) key derivation
CO configured
Stored in flash
memory encrypted
with KEK. Zeroized by
the CO command
write erase all.
Used by the 802.11i
protocol
34
802.11i Pair-Wise
Master key (PMK)
802.11i secret key
(256-bit)
Derived during the
EAP-TLS/PEAP
handshake
Stored in the volatile
memory. Zeroized on
reboot.
Used by the 802.11i
protocol
35 802.11i session key
AES-CCM key (128
bits), AES-GCM key
(128/256 bits)
Derived from 802.11
PMK
Stored in plaintext in
volatile memory.
Zeroized on reboot.
Used for 802.11i
encryption
36
SNMPv3
authentication
password
8-64 character
password
CO configured
Stored in flash
memory encrypted
with KEK. Zeroized
by the CO command
write erase all.
Used for SNMPv3
authentication
37
SNMPv3 privacy
password
8-64 character
password
CO configured
Stored in flash
memory encrypted
with KEK. Zeroized
by the CO command
write erase all.
Used to derive
SNMPv3 session key
38
SNMPv3 session key
AES-CFB key (128
bits)
Derived from SNMPv3
privacy password using
an approved KDF
Stored in volatile
memory. Zeroized on
reboot.
Secure channel for
SNMPv3 management